CVE-2019-6170

CVSS 6.4 MEDIUMEPSS 0.4%

A potential vulnerability in the SMI callback function used in the Legacy USB driver using boot services structure in runtime phase in some Lenovo ThinkPad models may allow arbitrary code execution.

CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

Affected products

Lenovo · ThinkPad

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://support.lenovo.com/us/en/product_security/LEN-27714